Submit #469226: ZeroWdd myblog 1.0 sql injectinfo

TitleZeroWdd myblog 1.0 sql inject
DescriptionThe keyword parameters for findBlogList and getTotalBlogs in src/main/resources/mapper/BlogMapper.xml are injected, allowing attackers to inject SQL without authorization
Source⚠️ https://github.com/ZeroWdd/myblog/issues/2
User
 LVZC1 (UID 76422)
Submission12/26/2024 15:27 (1 Year ago)
Moderation01/08/2025 13:05 (13 days later)
StatusAccepted
VulDB entry290782 [ZeroWdd myblog 1.0 BlogMapper.xml findBlogList/getTotalBlogs xml injection]
Points15

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!